hugo - Debian Package Tracker

general

source: hugo (main)
version: 0.158.0-2
maintainer: Debian Go Packaging Team (DMD)
uploaders: Anthony Fok [DMD] – Dr. Tobias Quathamer [DMD]
arch: any
std-ver: 4.7.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.80.0-6
o-o-sec: 0.80.0-6+deb11u1
oldstable: 0.111.3-1
stable: 0.131.0-1
testing: 0.157.0-3
unstable: 0.158.0-2

versioned links

0.80.0-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.80.0-6+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.111.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.131.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.157.0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.158.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.158.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

hugo

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:09:36
Last run: 2026-03-19T22:45:15.000Z
Previous status: unknown

testing: pass (log)
The tests ran in 0:08:08
Last run: 2026-03-19T22:32:14.000Z
Previous status: unknown

stable: fail (log)
The tests ran in 0:06:04
Last run: 2026-03-05T19:01:11.000Z
Previous status: unknown

Created: 2025-02-02 Last update: 2026-03-20 13:00

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.158.0-3, distribution unstable) and new commits in its VCS. You should consider whether it's time to make an upload.

Created: 2026-03-20 Last update: 2026-03-20 12:32

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2026-03-17 Last update: 2026-03-20 08:31

debian/patches: 2 patches to forward upstream low

Among the 12 debian patches available in version 0.158.0-2 of the package, we noticed the following issues:

2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2026-02-28 Last update: 2026-03-20 09:32

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2024-55601: (needs triaging) Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are using one or more of these templates: `_default/_markup/render-link.html` from `v0.123.0`; `_default/_markup/render-image.html` from `v0.123.0`; `_default/_markup/render-table.html` from `v0.134.0`; and/or `shortcodes/youtube.html` from `v0.125.0`. This issue is patched in v0.139.4. As a workaround, one may replace an affected component with user defined templates or disable the internal templates.

You can find information about how to handle this issue in the security team's documentation.

Created: 2024-12-11 Last update: 2026-03-20 07:00

testing migrations

excuses:
- Migration status for hugo (0.157.0-3 to 0.158.0-2): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ Autopkgtest for hugo/0.158.0-2: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el: Failed (not a regression) ♻ (reference ♻), s390x: Regression ♻ (reference ♻)
- ∙ ∙ Missing build on riscv64
- ∙ ∙ Autopkgtest deferred on riscv64: missing arch:riscv64 build
- ∙ ∙ Lintian check waiting for test results on riscv64 - info
- ∙ ∙ Too young, only 0 of 5 days old
- Additional info (not blocking):
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/h/hugo.html
- ∙ ∙ Reproduced on amd64
- ∙ ∙ Reproducibility check waiting for results on arm64
- ∙ ∙ Reproducibility regression on armhf: hugo
- ∙ ∙ Reproducibility check waiting for results on i386
- ∙ ∙ Reproducibility check waiting for results on ppc64el
- Not considered

news

[rss feed]

[2026-03-20] Accepted hugo 0.158.0-3 (source) into unstable (Dr. Tobias Quathamer)
[2026-03-19] Accepted hugo 0.158.0-2 (source) into unstable (Dr. Tobias Quathamer)
[2026-03-19] Accepted hugo 0.158.0-1 (source) into unstable (Dr. Tobias Quathamer)
[2026-03-04] hugo 0.157.0-3 MIGRATED to testing (Debian testing watch)
[2026-02-28] Accepted hugo 0.157.0-3 (source) into unstable (Dr. Tobias Quathamer)
[2026-02-28] Accepted hugo 0.157.0-2 (source) into unstable (Dr. Tobias Quathamer)
[2026-02-27] Accepted hugo 0.157.0-1 (source) into unstable (Dr. Tobias Quathamer)
[2026-02-14] Accepted hugo 0.155.3-1 (source) into unstable (Dr. Tobias Quathamer)
[2026-02-07] Accepted hugo 0.155.2-1 (source) into unstable (Dr. Tobias Quathamer)
[2026-01-30] Accepted hugo 0.155.1-1 (source) into unstable (Dr. Tobias Quathamer)
[2026-01-20] hugo 0.154.5-1 MIGRATED to testing (Debian testing watch)
[2026-01-14] hugo 0.154.3-1 MIGRATED to testing (Debian testing watch)
[2026-01-13] Accepted hugo 0.154.5-1 (source) into unstable (Dr. Tobias Quathamer)
[2026-01-07] Accepted hugo 0.154.3-1 (source) into unstable (Dr. Tobias Quathamer)
[2026-01-06] Accepted hugo 0.154.2-2 (source) into unstable (Dr. Tobias Quathamer)
[2026-01-04] Accepted hugo 0.154.2-1 (source) into unstable (Dr. Tobias Quathamer)
[2026-01-02] Accepted hugo 0.154.1-1 (source) into unstable (Dr. Tobias Quathamer)
[2025-12-23] Accepted hugo 0.153.2-1 (source) into unstable (Dr. Tobias Quathamer)
[2025-12-22] Accepted hugo 0.153.1-3 (source) into unstable (Dr. Tobias Quathamer)
[2025-12-22] Accepted hugo 0.153.1-2 (source) into unstable (Dr. Tobias Quathamer)
[2025-12-21] Accepted hugo 0.153.1-1 (source) into unstable (Dr. Tobias Quathamer)
[2025-12-20] Accepted hugo 0.153.0-1 (source) into unstable (Dr. Tobias Quathamer)
[2025-10-30] hugo 0.152.2-1 MIGRATED to testing (Debian testing watch)
[2025-10-28] hugo 0.152.1-1 MIGRATED to testing (Debian testing watch)
[2025-10-28] Accepted hugo 0.152.2-1 (source) into unstable (Dr. Tobias Quathamer)
[2025-10-23] Accepted hugo 0.152.1-1 (source) into unstable (Dr. Tobias Quathamer)
[2025-10-22] hugo 0.151.2-1 MIGRATED to testing (Debian testing watch)
[2025-10-17] Accepted hugo 0.151.2-1 (source) into unstable (Dr. Tobias Quathamer)
[2025-10-16] Accepted hugo 0.151.1-1 (source) into unstable (Dr. Tobias Quathamer)
[2025-10-09] hugo 0.151.0-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.154.5-1